Audits
Services
Services
Smart Contract Audit
Blockchain Protocol Audit
Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit & Design
Smart Contract Audit
Mitigate weaknesses in your smart contract and improve its functionality with a double line-to-line code analysis and a separate review by a lead auditor.
Blockchain Protocol Audit
Secure the entire architecture and implementation layers of your blockchain protocol with professional security audits and testing.
Penetration Testing
Proactively detect vulnerabilities in your Web3 project by subjecting your systems to a simulated cyberattack in a secure and controlled environment.
dApp Audit
Identify vulnerabilities in applications interacting with blockchain networks with secure code review and static security analysis.
Crypto Wallet Audit
Code review & static security analysis for crypto wallet apps.
Cross-Chain Bridge Audit
Code review & security analysis for cross-chain crypto bridges.
Bug Bounty
Receive only relevant bug reports or undergo crowdsourced penetration testing with the help of thousands of ethical hackers curated by HackenProof.
Proof of Reserves
Enhance transparency in crypto exchanges with independent on-chain proof of assets’ true collateralization.
CCSS Audit
Assess and strengthen your security practices, identify vulnerabilities, and safeguard valuable digital assets in the ever-evolving cryptocurrency landscape.
Tokenomics Audit & Design
Ensure your token model robustness and efficiency and convey trust to investors and community with our thorough, independent audit of protocol economic security.
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company

The window to exchange $HAI for Hacken Equity Shares ($HES) is now open > Claim your spot today

Weekly News Digest #54

Weekly News Digest #54

Share via:

Persistent backdoor for hackers created by malware, Microsoft has issued a warning

Another piece of malware used by attackers behind the Solarwind attack was identified by Microsoft. Microsoft has called the group responsible for the attack – Nobelium. In April this year, the US and UK officially blamed the Russian Foreign Intelligence Service hacking unit responsible for the attack. Microsoft called the recently discovered malware FoggyWeb and, according to the company, the malware was used by attackers after the compromise of a targeted server.

Several tactics were used by malicious actors to steal network passwords and usernames for gaining admin-level access to Active Directory Federation Services servers. The ultimate goal was to control user access to apps and resources. As a result, even after a cleanup attackers may stay inside a network. FoggyWeb has been widely used by hackers since April 2021.

Hospitals targeted by ransomware attacks experience huge damage

Ransomware attacks against hospitals are resulting in a reduced availability of systems and services thereby causing direct negative consequences for patient care. As a result of ransomware attacks, patients are held longer in hospitals due to delays in tests and procedures. What is the most terrible, ransomware attacks may result in an increase in patient deaths. The research analyzing the impact of ransomware attacks on healthcare hospitals was conducted by The Ponemon Institute think tank in cooperation with cybersecurity company Censinet.

Compared to ransomware attacks targeting supermarkets or retailers, the ones targeting hospitals have more disruptive consequences since patients cannot simply go to another hospital, they don’t have any option. Targeting hospitals through ransomware attacks has become a lucrative business for malicious actors. They realize that these entities do not have any choice but to pay a ransom to continue delivering vital services to patients.

British payroll firm forced to shut down its network due to a cyberattack

Due to the shut down of its network as a result of an experienced cyberattack, a British payroll company has left some contractors without pay. Giant Group was forced to take offline its network and IT infrastructure last Wednesday since it identified suspicious activity. According to the statement made by the company, the attack took place on September 22. A team of experts in the US, UK, and Brussels was immediately put in place by the law firm Crowell & Moring to carry out the investigation of the incident.

Giant Screening was not affected by the attack. Also, Giant Finance+ and the firm’s precision portals are now operational. The attack took place at a time when the UK was experiencing panic buying caused by Brexit. The unspecified number of people did not timely receive their pay. The company did not disclose any information regarding possible information leakage due to the attack. However, Giant Group confirmed that its database is encrypted.

DDoS attack targeting Bandwidth resulted in Power Interruption

The company’s Voice over Internet Protocol was interrupted after a DDoS attack. Malicious actors flooded the network with traffic. Bandwidth shared information regarding the attack on 28 September. According to the statement made by the company’s CEO David Morken, several communication service providers were targeted by cybercriminals. Although the company managed to mitigate the damage caused by the attack, some of its customers have been significantly affected by the incident.

Bandwidth’s support teams and account managers have already contacted all affected parties. After the experienced attack, the company is going to strengthen its focus on security to prevent the occurrence of similar incidents in the future. It’s necessary to mention that other VoIP vendors also experienced outages due to a series of DDoS attacks.

Russia is accused of involvement in «Ghostwriter» cyberattacks by the EU

«Ghostwriter» cyberattacks are targeting several EU members states. On Friday, the EU threatened to take action against Russia due to its possible involvement in these malicious activities. The list of targets of these cyber-attacks includes politicians, officials, several parliaments, and civil society. The mechanism of the attacks provided for accessing computer systems and personal accounts to steal data. The attacks pose a serious threat to the security and democratic values of the EU.

One of the most affected states is Germany. It accused Russia of trying to influence the upcoming elections by committing cyberattacks against its lawmakers. According to the statement made by the German government, the Russian military intelligence service GRU is likely to stand behind the attacks. The Ghostwriter cyberattacks are the combination of disinformation and influence operations with conventional cyberattacks.